Interconnect bypass typically use fixed to mobile gateway components, also called Subscriber Identity Module, SIM, Boxes, to terminate international inbound calls to local subscribers by routing calls such that standard, contracted interconnect gateways are circumvented. These SIMBoxes thus enable traffic to be inserted into the telecommunication network serving those local subscribers. Interconnect bypass is also known as bypass fraud, interconnect fraud or SIMBoxing.
In a typical example of interconnect bypass, an international voice call, initiated by a calling subscriber residing in a first country and directed to a called subscriber residing in a second country, is intercepted and transferred over the internet to a SIMBox residing in that second country. The SIMBox then injects the call back into the cellular telecommunication network of the second country.
The above described call routing circumvents the standard routing of an international voice call. In such a case, the international voice call is routed through the telecommunication provider of the calling subscriber towards the core telecommunication network of the called subscriber, which is based on agreements between the operators of the two telecommunication networks.
The effect of interconnect bypass is that the standard routing of calls between (mobile) subscribers is modified, therewith resulting in a modified and undesired claim on resources of nodes present in those telecommunication networks. For example, gateway nodes in the telecommunication networks used for the communication between these networks get circumvented by the interconnect bypass process.
Another effect of interconnect bypass is that it is making mobile telecommunication networks face a revenue loss. This is caused by the rate differentials between international and local calls. The interconnect bypass process enables international calls to be billed at local rates, whereas they should have been billed at internationals rates.
Interconnect bypass is more prevalent in the countries where the costs of terminating an international call exceed the costs of a national, local call by a considerable margin, or in the countries where international gateways are monopolized by telecommunication networks owned by the government. Organizations using SIMBoxes typically sell capacity to terminate calls cheaply in these countries.
One common approach for detecting interconnect bypass is the use of test call services to identify individual SIM cards used in SIMBoxes. Test call services are considered to be a first step in controlling revenue leakage due to bypass.
However, such an approach has several drawbacks. First, coverage is tightly coupled with the number of test calls generated. Second, this approach is susceptible to counter attacks. Test call generators may become useless within a couple of days as the SIMBoxes may be arranged to reject any calls originating from a test call generator, once such a test call generator has been detected.
Another approach for detecting interconnect bypass is to analyse network data to determine whether there are any indicators present which may indicate a bypass situation. These indicators are, for example, volume of mobile originating and mobile terminating calls over time, volume of calls from one or more cells, etc.
The downside of such an approach is that the time it takes to perform a minimally accurate historical analysis of the network data is relatively long. Typically, it may take more than a week before a potential SIMBox may be detected. Such a time frame is considered too long as SIM cards present in the SIMBoxes may already have been replaced with new SIM cards, or as the SIMBox itself may already have been relocated to another location during that time frame.